Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.

Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.

The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Cybersecurity

NTIA’s cybersecurity multistakeholder processes, conducted in an open and transparent manner, contribute to the security of the nation’s Internet architecture. The consensus-based development of market-based cybersecurity solutions and guidance creates a foundation for increasing digital security. Recent processes include:

Related content


Remarks of Acting Assistant Secretary Rinaldo at Mobile World Congress Americas

Remarks of Diane Rinaldo
Acting Assistant Secretary of Commerce for Communications and Information
Mobile World Congress Americas
Los Angeles, California
October 23, 2019

-- As Prepared for Delivery --

Thank you. I’m thrilled to be in Los Angeles for this exciting conference – and discussions about our technology future.

Notice of 11/18/2019 Multistakeholder Process on Promoting Software Component Transparency Meeting

October 22, 2019

NTIA will convene a meeting of a multistakeholder process on promoting software component transparency on November 18, 2019 from 10:00 a.m. to 4:00 p.m., Eastern Time. The meeting will be held at the American Institute of Architects, 1735 New York Ave. NW, Washington, DC 20006. For further information contact Allan Friedman, National Telecommunications and Information Administration, U.S.

Moving Toward a More Transparent Software Supply Chain

September 30, 2019

Earlier this month, NTIA convened the latest in a series of multistakeholder meetings on software component transparency. For more than a year, stakeholders have been exploring this issue through four working groups established during the July 2018 kickoff meeting. The broader community meets periodically to share progress and encourage feedback through in-person and virtual meetings.

Most modern software is not written completely from scratch, but includes existing components, modules, and libraries from the open source and commercial software world. Modern development practices such as code reuse, and a dynamic IT marketplace with acquisitions and mergers, make it challenging to track the use of software components.

The Internet of Things and the emergence of Cyber-Physical Systems, which integrate computation, networking, and physical processes, compound this phenomenon, as new organizations, enterprises and innovators take on the role of software developer to add “smart” features or connectivity to their products. Although the majority of libraries and components do not have known vulnerabilities, the sheer quantity of software means that some software products ship with vulnerable or out-of-date components.

Subscribe to Cybersecurity